Hackers Steal $8M from BitKeep Wallets Via Malicious Android App
Thieves compromised BitKeep cryptocurrency wallets after creating an "unofficial" Android app, resulting in the theft of money from user wallets.
According to blockchain security services provider PeckShield, approximately $8 million worth of assets were stolen.
#PeckShieldAlert #BitKeep reported that several users' funds were stolen, the official stated that possibly due to downloading a hacked APK version
∼$8M worth of assets have been stolen so far, including ~4373 $BNB, 5.4M $USDT, 196k $DAI, and 1233.21 $ETH pic.twitter.com/ZdomZGFWRO
— PeckShieldAlert (@PeckShieldAlert) December 26, 2022
The theft appears to have occurred through the downloading of hacked and maliciously coded unofficial APK packages.
BitKeep has advised users to transfer their funds to the official Chrome plugin wallet or the app downloaded from the official store, create a new wallet address, and keep their mnemonic phrase safe.
The company stated that the theft was mainly due to the hijacking of the 7.2.9 APK, and warned users to be cautious of using unofficial versions.
Also read: SEC Requests Sealing Of Hinman Speech Materials In Ongoing Ripple Legal Dispute
Security company Hacken has reported that almost $6 million worth of cryptocurrency assets have been taken in an ongoing attack, in which the attacker is "directly moving customers' money to other locations."
Hacken said the stolen money has been transferred to a Binance Smart Chain wallet and an Ethereum wallet, which received two large outgoing transactions totaling 709 and 504 Ether, or nearly $865,000 and $615,000, respectively.
Multi-chain data provider OKLink has disclosed that a total of $31 million in various assets across the Binance Smart Chain, Ethereum (CRYPTO: ETH), Tron (CRYPTO: TRX), and Polygon (CRYPTO: MATIC) have been taken in the attack, which is still ongoing.
【12-26 #BitKeep Hack Event Summary】
1/n
According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M.
— OKLink (@OKLink) December 26, 2022
These numbers suggest the hacker is still making money from consumers who have downloaded the infected APK.
This is not the first time that BitKeep has been targeted by hackers this year.
In October, the wallet suffered an issue that led to the theft of $1 million in Binance Coin (CRYPTO: BNB) tokens.
Next: Trump Cards: Why The Crypto World Needs To Stand Up And Take Notice
Photo via Shutterstock.